For the first time ever, Apple is distributing iPhones that are free of iOS’s usual strong locking measures. At the very least, this is the first time such devices have been released outside Apple’s secure test lab.
The company has launched the
Apple Security Research Device Program, a scheme that allows security researchers to apply to borrow an iPhone with a built-in terminal and a way to run code with any level of security. The loan is valid for 12 months at a time and the phone must be kept securely at the researcher’s workplace.
The goal is to make iOS more secure by getting external help to find serious security flaws. By giving researchers access to deeper parts of the system, they can more easily detect, test and verify flaws that Apple can then correct. Researchers can attack iOS’s various security layers without first having to bypass the other layers.
Detected security flaws must be reported to Apple if they were made intentionally. Accidental discoveries don’t have to be reported to Apple, but in both cases, detected flaws are rewarded according to Apple’s Security Bounty scheme.
In April, for example, developer Bhavuk Jain
discovered a security flaw in the ‘Sign in with Apple’ feature, and was paid $100,000.
Security researchers and hackers who can show they have previously discovered security flaws in iOS or other operating systems can apply for an unlocked handset on Apple’s website. The program is available in the US, most of the EU and a few other countries.
Get more advice on keeping your handset safe with our
iPhone security tips.
This article originally appeared on
Macworld Sweden. Translation by David Price.